|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200407-12] Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling Vulnerability Scan
Vulnerability Scan Summary Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200407-12
(Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling)
A possible hacker can utilize an erroneous data type in the IPTables TCP option
handling code, which lies in an iterator. By making a TCP packet with a
header length larger than 127 bytes, a negative integer would be implied in
the iterator.
Impact
By sending one malformed packet, the kernel could get stuck in a loop,
consuming all of the CPU resources and rendering the machine useless,
causing a Denial of Service. This vulnerability requires no local access.
Workaround
If users do not use the netfilter functionality or do not use any
``--tcp-option'' rules they are not vulnerable to this exploit. Users that
are may remove netfilter support from their kernel or may remove any
``--tcp-option'' rules they might be using. However, all users are urged to
upgrade their kernels to patched versions.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0626
Solution:
Users are encouraged to upgrade to the latest available sources for their
system:
# emerge sync
# emerge -pv your-favorite-sources
# emerge your-favorite-sources
# # Follow usual procedure for compiling and installing a kernel.
# # If you use genkernel, run genkernel as you would do normally.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|